If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Web browser vulnerabilities - is safe surfing possible?

The Web Can Be a Dangerous Place

Back in the “olden days” of the World Wide Web, “seeing the sites” was a relatively safe activity. Most Web pages were written in simple HTML, with text and pictures and not much else (of course, the very first browsers were text-only). An animated .gif was about as “active” as it got prior to the 90s. However, Web developers soon fell prey to the “gotta build a better mousetrap” syndrome, and all sorts of new technologies emerged to make Web browsing a richer, more entertaining and more interactive experience.

Soon Web pages contained much more than text and pictures. Web designers began to use scripting and other embedded code to make their pages come alive. Microsoft introduced ActiveX, an outgrowth of OLE and COM technologies, that provides functionality similar to Java applets but with more flexibility (and posing a bigger security risk) because ActiveX controls can access the Windows operating system.

Scripts, applets and ActiveX controls can all be embedded in Web pages to do some amazing things, but they can also be used by malicious coders to do not-so-wonderful things such as infecting your computer with a virus, surreptitiously install software on your machine that will allow a hacker to take control of it, launch an attack, etc. This is due to the nature of the technologies; like all technologies, it can be used for good or evil.

As if that weren’t enough, all popular Web browsers (like all software of every type) have security flaws, some more serious than others. Microsoft’s Internet Explorer has recently been hit by the discovery of several serious security holes, including the “download.ject” exploit that affects IE users when they access a Web site on an infected IIS machine.